SlideShare a Scribd company logo

Advanced GeoServer Security With GeoFence

GeoSolutions
GeoSolutions

This presentation will provide an introduction to GeoFence, an open source tool to configure and use complex authorization rules to protect data served by GeoServer OGC services.

Technology
1 of 36
Download to read offline
Advanced GeoServer Security With GeoFence Ing. Emanuele Tajariol, GeoSolutions Ing. Simone Giannecchini, GeoSolutions Ing. Alessio Fabiani, GeoSolutions FOSS4G 2013, Nottingham 20th September 2013
GeoSolutions   Founded in Italy in late 2006 Expertise • • Java, Java Enterprise, C++, Python •  Image Processing, GeoSpatial Data Fusion JPEG2000, JPIP, Advanced 2D visualization Supporting/Developing FOSS4G projects    GeoServer, MapStore GeoBatch, GeoNetwork Clients    Public Agencies Private Companies http://www.geo-solutions.it FOSS4G 2013, Nottingham 20th September 2013
Meet GeoFence FOSS4G 2013, Nottingham 20th September 2013
GeoFence   Extended A&A for GeoServer Authentication    Open Source    Optional Integrated with GeoServer authorization architecture GPL Code on GitHub Authorization   Auth on data: e.g. layers, workspaces Auth on services: e.g. WMS, WFS FOSS4G 2013, Nottingham 20th September 2013
GeoFence  Based on GSIP 57       Role Base Access Control    Mixed Interceptor + Probe approach Extended authorization management for GeoServer External Rule-Based System GeoServer Internal Probe On-the-fly manipulation of incoming requests Users Groups Rule-based database  IPTables-like FOSS4G 2013, Nottingham 20th September 2013
GeoFence  Fine Grain Authorization Control       External Web Application    Services Operations Workspaces Layers Attributes (alphanumeric and geospatial) REST Interface GUI Scalable  1 GeoFence controls N GeoServer cluster FOSS4G 2013, Nottingham 20th September 2013
GeoFence   Java Enterprise infrastructure  Spring/Spring-Remoting  Hibernate  Apache CXF Supports DBMS     PostgreSQL/PostGIS Oracle spatial H2 Performance ensured thanks to a fine-tunable cache FOSS4G 2013, Nottingham 20th September 2013
GeoServer Security Model FOSS4G 2013, Nottingham 20th September 2013
GeoServer Security Model  GeoServer offers extension points for   Authentication (filtering and credential checks) Authorization (resource access managers) FOSS4G 2013, Nottingham 20th September 2013
GeoServer Security Model   The GeoFence Authentication provider delegates credential checks to GeoFence The GeoFence Resource Access Manager asks for permissions to the GeoFence authorization engine FOSS4G 2013, Nottingham 20th September 2013
GeoServer Security Model FOSS4G 2013, Nottingham 20th September 2013
Digging GeoFence FOSS4G 2013, Nottingham 20th September 2013
GeoFence Architecture  Geofence Stack (again…) FOSS4G 2013, Nottingham 20th September 2013
GeoFence Architecture Modules and packages  GUI core: GUI logic, implemented using GWT  webapp: produces the final web application .war file Geoserver (GeoFence Probe)  security: the GeoServer/GeoFence bridge: implements the ResourceAccessManager, forwarding the authorization requests to a remote GeoFence instance   FOSS4G 2013, Nottingham 20th September 2013
GeoFence Architecture     The GeoFence ResourceAccessManager (Geofence Probe) is deployed in each GeoServer GeoServer instances in a cluster must share the same ClusterID (instance name) GeoFence uses the instance name to select rules The Probe queries GeoFence on each request* with proper info     Instance name User Request Details GeoFence provide Access Policy rules to manipulate the request on the fly within the Probe FOSS4G 2013, Nottingham 20th September 2013
GeoFence Architecture    The GeoFence ResourceAccessManager (Geofence Probe) uses a cache which minimizes the requests toward GeoFence. The cache can be configured on different aspects:  number of entries,  expiration time The cache provides REST operations (using GeoServer’s own REST dispatcher) in order to  Invalidate the cache  Query the cache statistics FOSS4G 2013, Nottingham 20th September 2013
GeoFence Rule System  Authorizations are expressed as a priority-based rule set     Type of Rules are ALLOW/DENY/LIMIT The first matching rule is the one that determines the outcome of the auth request Incoming authorization requests are transformed in a rule filter Filtering can be performed on one or more of these fields:   Username Group the provided user belongs to FOSS4G 2013, Nottingham 20th September 2013
GeoFence Rule System      Source geoserver instance  We can control multiple GeoServer clusters OGC Service  E.g. WMS OGC Service Operation  E.g. GetCapabilities Workspace  E.g. it.geosolutions Layer name  E.g. topp:states FOSS4G 2013, Nottingham 20th September 2013
GeoFence Rule System Example  Let’s assume we have configured these rules :    These rules will grant access for user u1 to    User: u1, Service:WMS, Workspace=W1,ALLOW User: u1, DENY all the layers in worspace W1 only for WMS request All other types of request will be DENIED. FOSS4G 2013, Nottingham 20th September 2013
GeoFence Rule System   When an ALLOW rule is matched, the user will have access to the requested resource. Finer Grain Control on single layer rules  further restrictions may be defined  i.e only a subset of the data contained in the layer could be made queryeable/visibile to the requesting user   Restrictions on visible Area   Restrictions on Queryable Attributes   Restrictions on Available Styles FOSS4G 2013, Nottingham 20th September 2013
GeoFence Rule System   Examples Limiting users access to  a subset of the attributes (R/W)  a specific geographic area.  a subset of the available styles (or the default style can be forced on all requets)  A specific view of the data via a CQL filter  For reading  For writing (delete, create, update) FOSS4G 2013, Nottingham 20th September 2013
GeoFence Rule System FOSS4G 2013, Nottingham 20th September 2013
GeoFence REST Interface      GeoFence provides a REST interface for administration  Allows automation! It allows a complete CRUD access to the various entities managed by GeoFence:  Users and groups  GeoServer instances  Rules The Find operation can be optionally paged  a Count operation is provided as well to take advantage of the pagination capability. Priority ordering in rules is fundamental   there are different ways to insert and set a position for the new rules. https://github.com/geosolutions-it/geofence/wiki/REST-API FOSS4G 2013, Nottingham 20th September 2013
GeoFence REST Interface    The REST interface also provides a batch mode  multiple CRUD commands can be issued at once  The commands in the batch are processed in the same transaction  Extremely important for automation! Backup and restore operations are provided as part of the REST interface as well REST API documentation available at https://github.com/geosolutions-it/geofence/wiki/REST-API FOSS4G 2013, Nottingham 20th September 2013
GeoFence User Interface  Top Categories     Users Groups Instances Rules FOSS4G 2013, Nottingham 20th September 2013
GeoFence User Interface Users Groups Instances FOSS4G 2013, Nottingham 20th September 2013
GeoFence User Interface Rules Details Details FOSS4G 2013, Nottingham 20th September 2013
GeoFence and LDAP     An LDAP server can be used as a repository for user and groups, including the optional ldap module in the deploy LDAP can be configured through the datasource properties file When using LDAP users and groups are not editable from the GeoFence interface (they are READ-ONLY) LDAP module documentation at https://github.com/geosolutions-it/geofence/wiki/LDAP-module FOSS4G 2013, Nottingham 20th September 2013
GeoFence and Existing Auth Proxies External Auth Source GeoFence DB Users Groups LDAP UserDAO LDAP GroupDAO UserDAO GroupDAO RuleDAO Persistence GeoFence  When LDAP is enabled, specific DAOs are used for users and groups instead of the default ones FOSS4G 2013, Nottingham 20th September 2013
GeoFence Use Cases SIAN FOSS4G 2013, Nottingham 20th September 2013
GeoFence Use Cases MapManager GeoGraphic Building Block MapStore GeoFence GeoFence GeoStore JMX Agents FOSS4G 2013, Nottingham 20th September 2013 GeoServer
GeoFence Use Cases Astrium GetGeo FOSS4G 2013, Nottingham 20th September 2013
GeoFence Use Cases Destination   Layers filtered (CQL filters) by user profile to constrain access to advanced functionality Possibility of spatial filters to allow regional access only FOSS4G 2013, Nottingham 20th September 2013
GeoFence Status     Project Release as Open Source Continuous Build is in place Dev and Users Mailing Lists are in place Improvements     Documentation Official Releases Integrated Build for testing and demoing UI Refactor FOSS4G 2013, Nottingham 20th September 2013
The End Thanks for not sleeping (loudly) alessio.fabiani@geo-solutions.it mauro.bartolomeoli@geo-solutions.it FOSS4G 2013, Nottingham 20th September 2013
GeoFence GeoFence Presentazione CUSTOM, Firenze 10 Maggio 2012

Recommended

Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017
Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017
Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017GeoSolutions
 
Advanced Security With GeoServer
Advanced Security With GeoServerAdvanced Security With GeoServer
Advanced Security With GeoServerGeoSolutions
 
오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용SANGHEE SHIN
 
GeoServer, an introduction for beginners
GeoServer, an introduction for beginnersGeoServer, an introduction for beginners
GeoServer, an introduction for beginnersGeoSolutions
 
GeoServer in Production: we do it, here is how!
GeoServer in Production: we do it, here is how!GeoServer in Production: we do it, here is how!
GeoServer in Production: we do it, here is how!GeoSolutions
 
GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현
GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현
GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현MinPa Lee
 
Firestore: The Basics
Firestore: The BasicsFirestore: The Basics
Firestore: The BasicsJielynn Diroy
 
[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기
[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기
[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기MinPa Lee
 

Recommended

Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017
Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017
Mastering Security with GeoServer and GeoFence - FOSS4G EU 2017GeoSolutions
 
Advanced Security With GeoServer
Advanced Security With GeoServerAdvanced Security With GeoServer
Advanced Security With GeoServerGeoSolutions
 
오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용SANGHEE SHIN
 
GeoServer, an introduction for beginners
GeoServer, an introduction for beginnersGeoServer, an introduction for beginners
GeoServer, an introduction for beginnersGeoSolutions
 
GeoServer in Production: we do it, here is how!
GeoServer in Production: we do it, here is how!GeoServer in Production: we do it, here is how!
GeoServer in Production: we do it, here is how!GeoSolutions
 
GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현
GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현
GeoTools와 GeoServer를 이용한 KOPSS Open API의 구현MinPa Lee
 
Firestore: The Basics
Firestore: The BasicsFirestore: The Basics
Firestore: The BasicsJielynn Diroy
 
[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기
[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기
[FOSS4G Korea 2017] uDig GIS 효율적으로 활용하기MinPa Lee
 
One GeoNode, many GeoNodes
One GeoNode, many GeoNodesOne GeoNode, many GeoNodes
One GeoNode, many GeoNodesGeoSolutions
 
mago3D 기술 워크샵 자료(한국어)
mago3D 기술 워크샵 자료(한국어)mago3D 기술 워크샵 자료(한국어)
mago3D 기술 워크샵 자료(한국어)SANGHEE SHIN
 
Advanced Security with GeoServer - FOSS4G 2015
Advanced Security with GeoServer - FOSS4G 2015Advanced Security with GeoServer - FOSS4G 2015
Advanced Security with GeoServer - FOSS4G 2015GeoSolutions
 
Fast DDS Hello World in Windows
Fast DDS Hello World in WindowsFast DDS Hello World in Windows
Fast DDS Hello World in WindowseProsima
 
Hdp security overview
Hdp security overview Hdp security overview
Hdp security overview Hortonworks
 
LX 공간정보아카데미 PostGIS 강의자료
LX 공간정보아카데미 PostGIS 강의자료LX 공간정보아카데미 PostGIS 강의자료
LX 공간정보아카데미 PostGIS 강의자료JungHwan Yun
 
오픈소스GIS 개론 과정 - OpenLayers 기초
오픈소스GIS 개론 과정 - OpenLayers 기초오픈소스GIS 개론 과정 - OpenLayers 기초
오픈소스GIS 개론 과정 - OpenLayers 기초HaNJiN Lee
 
공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재JungHwan Yun
 
Creating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesCreating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesGeoSolutions
 
CityGML Integration Into the ArcGIS Platform
CityGML Integration Into the ArcGIS PlatformCityGML Integration Into the ArcGIS Platform
CityGML Integration Into the ArcGIS PlatformSafe Software
 
GeoServer on Steroids
GeoServer on SteroidsGeoServer on Steroids
GeoServer on SteroidsGeoSolutions
 
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례BJ Jang
 
Storage and Alfresco
Storage and AlfrescoStorage and Alfresco
Storage and AlfrescoToni de la Fuente
 
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판BJ Jang
 
Geo server 성능향상을 위한 튜닝 기법 20111028
Geo server 성능향상을 위한 튜닝 기법 20111028Geo server 성능향상을 위한 튜닝 기법 20111028
Geo server 성능향상을 위한 튜닝 기법 20111028BJ Jang
 
오픈소스 GIS의 이해와 활용(육군사관학교 특강)
오픈소스 GIS의 이해와 활용(육군사관학교 특강)오픈소스 GIS의 이해와 활용(육군사관학교 특강)
오픈소스 GIS의 이해와 활용(육군사관학교 특강)SANGHEE SHIN
 
Introduction To PostGIS
Introduction To PostGISIntroduction To PostGIS
Introduction To PostGISmleslie
 
공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정BJ Jang
 
Basics of MongoDB
Basics of MongoDB Basics of MongoDB
Basics of MongoDB Habilelabs
 
Mobile Browser Internal (Blink Rendering Engine)
Mobile Browser Internal (Blink Rendering Engine)Mobile Browser Internal (Blink Rendering Engine)
Mobile Browser Internal (Blink Rendering Engine)Hyungwook Lee
 
GeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoSolutions
 
GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...GeoSolutions
 

More Related Content

What's hot

One GeoNode, many GeoNodes
One GeoNode, many GeoNodesOne GeoNode, many GeoNodes
One GeoNode, many GeoNodesGeoSolutions
 
mago3D 기술 워크샵 자료(한국어)
mago3D 기술 워크샵 자료(한국어)mago3D 기술 워크샵 자료(한국어)
mago3D 기술 워크샵 자료(한국어)SANGHEE SHIN
 
Advanced Security with GeoServer - FOSS4G 2015
Advanced Security with GeoServer - FOSS4G 2015Advanced Security with GeoServer - FOSS4G 2015
Advanced Security with GeoServer - FOSS4G 2015GeoSolutions
 
Fast DDS Hello World in Windows
Fast DDS Hello World in WindowsFast DDS Hello World in Windows
Fast DDS Hello World in WindowseProsima
 
Hdp security overview
Hdp security overview Hdp security overview
Hdp security overview Hortonworks
 
LX 공간정보아카데미 PostGIS 강의자료
LX 공간정보아카데미 PostGIS 강의자료LX 공간정보아카데미 PostGIS 강의자료
LX 공간정보아카데미 PostGIS 강의자료JungHwan Yun
 
오픈소스GIS 개론 과정 - OpenLayers 기초
오픈소스GIS 개론 과정 - OpenLayers 기초오픈소스GIS 개론 과정 - OpenLayers 기초
오픈소스GIS 개론 과정 - OpenLayers 기초HaNJiN Lee
 
공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재JungHwan Yun
 
Creating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesCreating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesGeoSolutions
 
CityGML Integration Into the ArcGIS Platform
CityGML Integration Into the ArcGIS PlatformCityGML Integration Into the ArcGIS Platform
CityGML Integration Into the ArcGIS PlatformSafe Software
 
GeoServer on Steroids
GeoServer on SteroidsGeoServer on Steroids
GeoServer on SteroidsGeoSolutions
 
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례BJ Jang
 
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판BJ Jang
 
Geo server 성능향상을 위한 튜닝 기법 20111028
Geo server 성능향상을 위한 튜닝 기법 20111028Geo server 성능향상을 위한 튜닝 기법 20111028
Geo server 성능향상을 위한 튜닝 기법 20111028BJ Jang
 
오픈소스 GIS의 이해와 활용(육군사관학교 특강)
오픈소스 GIS의 이해와 활용(육군사관학교 특강)오픈소스 GIS의 이해와 활용(육군사관학교 특강)
오픈소스 GIS의 이해와 활용(육군사관학교 특강)SANGHEE SHIN
 
Introduction To PostGIS
Introduction To PostGISIntroduction To PostGIS
Introduction To PostGISmleslie
 
공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정BJ Jang
 
Basics of MongoDB
Basics of MongoDB Basics of MongoDB
Basics of MongoDB Habilelabs
 
Mobile Browser Internal (Blink Rendering Engine)
Mobile Browser Internal (Blink Rendering Engine)Mobile Browser Internal (Blink Rendering Engine)
Mobile Browser Internal (Blink Rendering Engine)Hyungwook Lee
 

What's hot (20)

One GeoNode, many GeoNodes
One GeoNode, many GeoNodesOne GeoNode, many GeoNodes
One GeoNode, many GeoNodes
 
mago3D 기술 워크샵 자료(한국어)
mago3D 기술 워크샵 자료(한국어)mago3D 기술 워크샵 자료(한국어)
mago3D 기술 워크샵 자료(한국어)
 
Advanced Security with GeoServer - FOSS4G 2015
Advanced Security with GeoServer - FOSS4G 2015Advanced Security with GeoServer - FOSS4G 2015
Advanced Security with GeoServer - FOSS4G 2015
 
Fast DDS Hello World in Windows
Fast DDS Hello World in WindowsFast DDS Hello World in Windows
Fast DDS Hello World in Windows
 
Hdp security overview
Hdp security overview Hdp security overview
Hdp security overview
 
LX 공간정보아카데미 PostGIS 강의자료
LX 공간정보아카데미 PostGIS 강의자료LX 공간정보아카데미 PostGIS 강의자료
LX 공간정보아카데미 PostGIS 강의자료
 
오픈소스GIS 개론 과정 - OpenLayers 기초
오픈소스GIS 개론 과정 - OpenLayers 기초오픈소스GIS 개론 과정 - OpenLayers 기초
오픈소스GIS 개론 과정 - OpenLayers 기초
 
공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재
 
Creating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesCreating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS styles
 
CityGML Integration Into the ArcGIS Platform
CityGML Integration Into the ArcGIS PlatformCityGML Integration Into the ArcGIS Platform
CityGML Integration Into the ArcGIS Platform
 
GeoServer on Steroids
GeoServer on SteroidsGeoServer on Steroids
GeoServer on Steroids
 
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례
[Foss4 g2013 korea]postgis와 geoserver를 이용한 대용량 공간데이터 기반 일기도 서비스 구축 사례
 
Storage and Alfresco
Storage and AlfrescoStorage and Alfresco
Storage and Alfresco
 
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
 
Geo server 성능향상을 위한 튜닝 기법 20111028
Geo server 성능향상을 위한 튜닝 기법 20111028Geo server 성능향상을 위한 튜닝 기법 20111028
Geo server 성능향상을 위한 튜닝 기법 20111028
 
오픈소스 GIS의 이해와 활용(육군사관학교 특강)
오픈소스 GIS의 이해와 활용(육군사관학교 특강)오픈소스 GIS의 이해와 활용(육군사관학교 특강)
오픈소스 GIS의 이해와 활용(육군사관학교 특강)
 
Introduction To PostGIS
Introduction To PostGISIntroduction To PostGIS
Introduction To PostGIS
 
공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정
 
Basics of MongoDB
Basics of MongoDB Basics of MongoDB
Basics of MongoDB
 
Mobile Browser Internal (Blink Rendering Engine)
Mobile Browser Internal (Blink Rendering Engine)Mobile Browser Internal (Blink Rendering Engine)
Mobile Browser Internal (Blink Rendering Engine)
 

Similar to Advanced GeoServer Security With GeoFence

GeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoSolutions
 
GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...GeoSolutions
 
Raster data in GeoServer and GeoTools: Achievements, issues and future devel...
Raster data in GeoServer and GeoTools: Achievements, issues and future devel...Raster data in GeoServer and GeoTools: Achievements, issues and future devel...
Raster data in GeoServer and GeoTools: Achievements, issues and future devel...GeoSolutions
 
GeoServer The Open Source Solution for the interoperable management of geos...
GeoServer The Open Source Solution for the interoperable management of geos...GeoServer The Open Source Solution for the interoperable management of geos...
GeoServer The Open Source Solution for the interoperable management of geos...GeoSolutions
 
Geosolutions FOSS4g 2009 Redux
Geosolutions FOSS4g 2009 ReduxGeosolutions FOSS4g 2009 Redux
Geosolutions FOSS4g 2009 ReduxGeoSolutions
 
Fossgis 2013 GeoServer Presentation
Fossgis 2013 GeoServer PresentationFossgis 2013 GeoServer Presentation
Fossgis 2013 GeoServer PresentationGeoSolutions
 
Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...GeoSolutions
 
Catania Science Gateway Framework
Catania Science Gateway Framework Catania Science Gateway Framework
Catania Science Gateway Framework riround
 
GFOSS DAY 2012 GeoNetwork Presentation
GFOSS DAY 2012 GeoNetwork PresentationGFOSS DAY 2012 GeoNetwork Presentation
GFOSS DAY 2012 GeoNetwork PresentationGeoSolutions
 
Geosolutions Foss4g It 2010
Geosolutions Foss4g It 2010Geosolutions Foss4g It 2010
Geosolutions Foss4g It 2010GeoSolutions
 
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...smespire
 
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...GeoSolutions
 
State of GeoServer 2015
State of GeoServer 2015State of GeoServer 2015
State of GeoServer 2015Jody Garnett
 
Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)
Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)
Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)George Percivall
 
GeoServer on steroids
GeoServer on steroidsGeoServer on steroids
GeoServer on steroidsGeoSolutions
 
State of GeoServer
State of GeoServerState of GeoServer
State of GeoServerJody Garnett
 
Using GeoServer for spatio-temporal data management with examples for MetOc a...
Using GeoServer for spatio-temporal data management with examples for MetOc a...Using GeoServer for spatio-temporal data management with examples for MetOc a...
Using GeoServer for spatio-temporal data management with examples for MetOc a...GeoSolutions
 
Web Applications Development
Web Applications DevelopmentWeb Applications Development
Web Applications Developmentriround
 
BlogMyData at AllHands 2010
BlogMyData at AllHands 2010BlogMyData at AllHands 2010
BlogMyData at AllHands 2010Andrew Milsted
 

Similar to Advanced GeoServer Security With GeoFence (20)

GeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoServer an introduction for beginners
GeoServer an introduction for beginners
 
GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...
 
Raster data in GeoServer and GeoTools: Achievements, issues and future devel...
Raster data in GeoServer and GeoTools: Achievements, issues and future devel...Raster data in GeoServer and GeoTools: Achievements, issues and future devel...
Raster data in GeoServer and GeoTools: Achievements, issues and future devel...
 
GeoServer The Open Source Solution for the interoperable management of geos...
GeoServer The Open Source Solution for the interoperable management of geos...GeoServer The Open Source Solution for the interoperable management of geos...
GeoServer The Open Source Solution for the interoperable management of geos...
 
Geosolutions FOSS4g 2009 Redux
Geosolutions FOSS4g 2009 ReduxGeosolutions FOSS4g 2009 Redux
Geosolutions FOSS4g 2009 Redux
 
Fossgis 2013 GeoServer Presentation
Fossgis 2013 GeoServer PresentationFossgis 2013 GeoServer Presentation
Fossgis 2013 GeoServer Presentation
 
Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer And GeoTools: Achievements, Issues And Future Develo...
 
Catania Science Gateway Framework
Catania Science Gateway Framework Catania Science Gateway Framework
Catania Science Gateway Framework
 
GFOSS DAY 2012 GeoNetwork Presentation
GFOSS DAY 2012 GeoNetwork PresentationGFOSS DAY 2012 GeoNetwork Presentation
GFOSS DAY 2012 GeoNetwork Presentation
 
Geosolutions Foss4g It 2010
Geosolutions Foss4g It 2010Geosolutions Foss4g It 2010
Geosolutions Foss4g It 2010
 
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
 
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
 
State of GeoServer 2015
State of GeoServer 2015State of GeoServer 2015
State of GeoServer 2015
 
Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)
Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)
Geospatial Temporal Open Standards for Big Data from Space (BiDS2014)
 
GeoServer on steroids
GeoServer on steroidsGeoServer on steroids
GeoServer on steroids
 
State of GeoServer
State of GeoServerState of GeoServer
State of GeoServer
 
Glasgow University Geo Metadata Workshop
Glasgow University Geo Metadata WorkshopGlasgow University Geo Metadata Workshop
Glasgow University Geo Metadata Workshop
 
Using GeoServer for spatio-temporal data management with examples for MetOc a...
Using GeoServer for spatio-temporal data management with examples for MetOc a...Using GeoServer for spatio-temporal data management with examples for MetOc a...
Using GeoServer for spatio-temporal data management with examples for MetOc a...
 
Web Applications Development
Web Applications DevelopmentWeb Applications Development
Web Applications Development
 
BlogMyData at AllHands 2010
BlogMyData at AllHands 2010BlogMyData at AllHands 2010
BlogMyData at AllHands 2010
 

More from GeoSolutions

MapStore 2 - The Story
MapStore 2 - The StoryMapStore 2 - The Story
MapStore 2 - The StoryGeoSolutions
 
Introduction to GeoNode
Introduction to GeoNodeIntroduction to GeoNode
Introduction to GeoNodeGeoSolutions
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...GeoSolutions
 
GeoServer Feature FRENZY
GeoServer Feature FRENZYGeoServer Feature FRENZY
GeoServer Feature FRENZYGeoSolutions
 
State of GeoServer 2.12
State of GeoServer 2.12State of GeoServer 2.12
State of GeoServer 2.12GeoSolutions
 
MapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and ReactMapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and ReactGeoSolutions
 
State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016GeoSolutions
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...GeoSolutions
 
Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...
Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...
Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...GeoSolutions
 
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...GeoSolutions
 
Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015GeoSolutions
 
GeoServer on Steroids
GeoServer on Steroids GeoServer on Steroids
GeoServer on Steroids GeoSolutions
 
Advanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServerAdvanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServerGeoSolutions
 
Spatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote SensingSpatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote SensingGeoSolutions
 
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...GeoSolutions
 
GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015GeoSolutions
 
GeoServer beginners gwf_2015
GeoServer beginners gwf_2015GeoServer beginners gwf_2015
GeoServer beginners gwf_2015GeoSolutions
 
Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04GeoSolutions
 
Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015GeoSolutions
 
Introduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGCIntroduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGCGeoSolutions
 

More from GeoSolutions (20)

MapStore 2 - The Story
MapStore 2 - The StoryMapStore 2 - The Story
MapStore 2 - The Story
 
Introduction to GeoNode
Introduction to GeoNodeIntroduction to GeoNode
Introduction to GeoNode
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...
 
GeoServer Feature FRENZY
GeoServer Feature FRENZYGeoServer Feature FRENZY
GeoServer Feature FRENZY
 
State of GeoServer 2.12
State of GeoServer 2.12State of GeoServer 2.12
State of GeoServer 2.12
 
MapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and ReactMapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and React
 
State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...
 
Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...
Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...
Crunching Data In GeoServer: Mastering Rendering Transformations, WPS Process...
 
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
 
Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015
 
GeoServer on Steroids
GeoServer on Steroids GeoServer on Steroids
GeoServer on Steroids
 
Advanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServerAdvanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServer
 
Spatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote SensingSpatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
 
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
 
GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015
 
GeoServer beginners gwf_2015
GeoServer beginners gwf_2015GeoServer beginners gwf_2015
GeoServer beginners gwf_2015
 
Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04
 
Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015
 
Introduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGCIntroduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGC
 

Recently uploaded

Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 

Recently uploaded (20)

Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 

Advanced GeoServer Security With GeoFence

  • 1. Advanced GeoServer Security With GeoFence Ing. Emanuele Tajariol, GeoSolutions Ing. Simone Giannecchini, GeoSolutions Ing. Alessio Fabiani, GeoSolutions FOSS4G 2013, Nottingham 20th September 2013
  • 2. GeoSolutions   Founded in Italy in late 2006 Expertise • • Java, Java Enterprise, C++, Python •  Image Processing, GeoSpatial Data Fusion JPEG2000, JPIP, Advanced 2D visualization Supporting/Developing FOSS4G projects    GeoServer, MapStore GeoBatch, GeoNetwork Clients    Public Agencies Private Companies http://www.geo-solutions.it FOSS4G 2013, Nottingham 20th September 2013
  • 3. Meet GeoFence FOSS4G 2013, Nottingham 20th September 2013
  • 4. GeoFence   Extended A&A for GeoServer Authentication    Open Source    Optional Integrated with GeoServer authorization architecture GPL Code on GitHub Authorization   Auth on data: e.g. layers, workspaces Auth on services: e.g. WMS, WFS FOSS4G 2013, Nottingham 20th September 2013
  • 5. GeoFence  Based on GSIP 57       Role Base Access Control    Mixed Interceptor + Probe approach Extended authorization management for GeoServer External Rule-Based System GeoServer Internal Probe On-the-fly manipulation of incoming requests Users Groups Rule-based database  IPTables-like FOSS4G 2013, Nottingham 20th September 2013
  • 6. GeoFence  Fine Grain Authorization Control       External Web Application    Services Operations Workspaces Layers Attributes (alphanumeric and geospatial) REST Interface GUI Scalable  1 GeoFence controls N GeoServer cluster FOSS4G 2013, Nottingham 20th September 2013
  • 7. GeoFence   Java Enterprise infrastructure  Spring/Spring-Remoting  Hibernate  Apache CXF Supports DBMS     PostgreSQL/PostGIS Oracle spatial H2 Performance ensured thanks to a fine-tunable cache FOSS4G 2013, Nottingham 20th September 2013
  • 8. GeoServer Security Model FOSS4G 2013, Nottingham 20th September 2013
  • 9. GeoServer Security Model  GeoServer offers extension points for   Authentication (filtering and credential checks) Authorization (resource access managers) FOSS4G 2013, Nottingham 20th September 2013
  • 10. GeoServer Security Model   The GeoFence Authentication provider delegates credential checks to GeoFence The GeoFence Resource Access Manager asks for permissions to the GeoFence authorization engine FOSS4G 2013, Nottingham 20th September 2013
  • 11. GeoServer Security Model FOSS4G 2013, Nottingham 20th September 2013
  • 12. Digging GeoFence FOSS4G 2013, Nottingham 20th September 2013
  • 13. GeoFence Architecture  Geofence Stack (again…) FOSS4G 2013, Nottingham 20th September 2013
  • 14. GeoFence Architecture Modules and packages  GUI core: GUI logic, implemented using GWT  webapp: produces the final web application .war file Geoserver (GeoFence Probe)  security: the GeoServer/GeoFence bridge: implements the ResourceAccessManager, forwarding the authorization requests to a remote GeoFence instance   FOSS4G 2013, Nottingham 20th September 2013
  • 15. GeoFence Architecture     The GeoFence ResourceAccessManager (Geofence Probe) is deployed in each GeoServer GeoServer instances in a cluster must share the same ClusterID (instance name) GeoFence uses the instance name to select rules The Probe queries GeoFence on each request* with proper info     Instance name User Request Details GeoFence provide Access Policy rules to manipulate the request on the fly within the Probe FOSS4G 2013, Nottingham 20th September 2013
  • 16. GeoFence Architecture    The GeoFence ResourceAccessManager (Geofence Probe) uses a cache which minimizes the requests toward GeoFence. The cache can be configured on different aspects:  number of entries,  expiration time The cache provides REST operations (using GeoServer’s own REST dispatcher) in order to  Invalidate the cache  Query the cache statistics FOSS4G 2013, Nottingham 20th September 2013
  • 17. GeoFence Rule System  Authorizations are expressed as a priority-based rule set     Type of Rules are ALLOW/DENY/LIMIT The first matching rule is the one that determines the outcome of the auth request Incoming authorization requests are transformed in a rule filter Filtering can be performed on one or more of these fields:   Username Group the provided user belongs to FOSS4G 2013, Nottingham 20th September 2013
  • 18. GeoFence Rule System      Source geoserver instance  We can control multiple GeoServer clusters OGC Service  E.g. WMS OGC Service Operation  E.g. GetCapabilities Workspace  E.g. it.geosolutions Layer name  E.g. topp:states FOSS4G 2013, Nottingham 20th September 2013
  • 19. GeoFence Rule System Example  Let’s assume we have configured these rules :    These rules will grant access for user u1 to    User: u1, Service:WMS, Workspace=W1,ALLOW User: u1, DENY all the layers in worspace W1 only for WMS request All other types of request will be DENIED. FOSS4G 2013, Nottingham 20th September 2013
  • 20. GeoFence Rule System   When an ALLOW rule is matched, the user will have access to the requested resource. Finer Grain Control on single layer rules  further restrictions may be defined  i.e only a subset of the data contained in the layer could be made queryeable/visibile to the requesting user   Restrictions on visible Area   Restrictions on Queryable Attributes   Restrictions on Available Styles FOSS4G 2013, Nottingham 20th September 2013
  • 21. GeoFence Rule System   Examples Limiting users access to  a subset of the attributes (R/W)  a specific geographic area.  a subset of the available styles (or the default style can be forced on all requets)  A specific view of the data via a CQL filter  For reading  For writing (delete, create, update) FOSS4G 2013, Nottingham 20th September 2013
  • 22. GeoFence Rule System FOSS4G 2013, Nottingham 20th September 2013
  • 23. GeoFence REST Interface      GeoFence provides a REST interface for administration  Allows automation! It allows a complete CRUD access to the various entities managed by GeoFence:  Users and groups  GeoServer instances  Rules The Find operation can be optionally paged  a Count operation is provided as well to take advantage of the pagination capability. Priority ordering in rules is fundamental   there are different ways to insert and set a position for the new rules. https://github.com/geosolutions-it/geofence/wiki/REST-API FOSS4G 2013, Nottingham 20th September 2013
  • 24. GeoFence REST Interface    The REST interface also provides a batch mode  multiple CRUD commands can be issued at once  The commands in the batch are processed in the same transaction  Extremely important for automation! Backup and restore operations are provided as part of the REST interface as well REST API documentation available at https://github.com/geosolutions-it/geofence/wiki/REST-API FOSS4G 2013, Nottingham 20th September 2013
  • 25. GeoFence User Interface  Top Categories     Users Groups Instances Rules FOSS4G 2013, Nottingham 20th September 2013
  • 26. GeoFence User Interface Users Groups Instances FOSS4G 2013, Nottingham 20th September 2013
  • 27. GeoFence User Interface Rules Details Details FOSS4G 2013, Nottingham 20th September 2013
  • 28. GeoFence and LDAP     An LDAP server can be used as a repository for user and groups, including the optional ldap module in the deploy LDAP can be configured through the datasource properties file When using LDAP users and groups are not editable from the GeoFence interface (they are READ-ONLY) LDAP module documentation at https://github.com/geosolutions-it/geofence/wiki/LDAP-module FOSS4G 2013, Nottingham 20th September 2013
  • 29. GeoFence and Existing Auth Proxies External Auth Source GeoFence DB Users Groups LDAP UserDAO LDAP GroupDAO UserDAO GroupDAO RuleDAO Persistence GeoFence  When LDAP is enabled, specific DAOs are used for users and groups instead of the default ones FOSS4G 2013, Nottingham 20th September 2013
  • 30. GeoFence Use Cases SIAN FOSS4G 2013, Nottingham 20th September 2013
  • 31. GeoFence Use Cases MapManager GeoGraphic Building Block MapStore GeoFence GeoFence GeoStore JMX Agents FOSS4G 2013, Nottingham 20th September 2013 GeoServer
  • 32. GeoFence Use Cases Astrium GetGeo FOSS4G 2013, Nottingham 20th September 2013
  • 33. GeoFence Use Cases Destination   Layers filtered (CQL filters) by user profile to constrain access to advanced functionality Possibility of spatial filters to allow regional access only FOSS4G 2013, Nottingham 20th September 2013
  • 34. GeoFence Status     Project Release as Open Source Continuous Build is in place Dev and Users Mailing Lists are in place Improvements     Documentation Official Releases Integrated Build for testing and demoing UI Refactor FOSS4G 2013, Nottingham 20th September 2013
  • 35. The End Thanks for not sleeping (loudly) alessio.fabiani@geo-solutions.it mauro.bartolomeoli@geo-solutions.it FOSS4G 2013, Nottingham 20th September 2013